Lucene search
HistoryJan 08, 2024 - 7:15 p.m.
CVE-2023-6139
cve-2023-6139
essential real estate
wordpress
plugin
dos
nvd
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
13.3%
The Essential Real Estate WordPress plugin before 4.4.0 does not apply proper capability checks on its AJAX actions, which among other things, allow attackers with a subscriber account to conduct Denial of Service attacks.
Affected configurations
Node
g5themeessential_real_estateRange<4.4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| g5theme | essential_real_estate | * | cpe:2.3:a:g5theme:essential_real_estate:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Unknown",
"product": "Essential Real Estate",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "4.4.0"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
wpvulndb
wpvulndb
nvd
nvd
CVE-2023-6139
2024-01-08 19:15:09
prion
prion
Design/Logic Flaw
2024-01-08 19:15:00
cvelist
cvelist
wpexploit
wpexploit
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
13.3%
Related for CVE-2023-6139